SaladCesar Hi, thanks! I have already found someone who is also willing to try, but sadly I haven't been able to fully bypass it yet. Will do some further investigation and reach out to you, should I need someone else to test it.

@1fexd Aren't they either using the hardware key attestation API or the Play Integrity API? The hardware key attestation API can be used to detect green verified boot state without a way to spoof it (it can be bypassed via an exploit for leaking keys but not spoofed).

So from my findings they do a simple root/bootloader unlocked check via the RootBeer library which is quite trivial to remove from the app with a patch built on the ReVanced framework. It appears, however, that they are indeed also using PlayIntegrity. I am currently checking if they associate the verdict with the app installation ID or something similar, because the behavior I have observed is that the app launches, appears to do a "classic" PlayIntegrity check, then shows a toast error message and shuts down the app. Maybe it is possible to just patch out the code that shuts down the app.

20 days later

I think they decided to rewrite the app after getting so many 1 stars in G Play and people complaining about it. The latest version works just fine, even with memory tagging enabled and native debugging disabled.

    iyanmv

    iyanmv The latest version works just fine, even with memory tagging enabled and native debugging disabled.

    I'm not a Swiss citizen so can't properly test this, but I confirm that I'm able to launch the app and proceed to the account registration page without issues. No exploit protection compatibility mode was needed.

    If the app proceeds to work fine after that, this is really great news!

    5 months later

    They broke the app again with the recent updates. Now the app starts and shows a screen that says: "Device appears to be rooted. For security reasons, you can not use the SwissID App on a rooted phone. We are happy to welcome you back one your phone has been restored to a non-rooted state."

    I'm contacting support again with zero hope that they will understand or help with anything. Not only that, now the app also uses native code debugging, and they introduced some memory bug that is detected by the memory tagging of the Pixel 8.

    Hi all
    just got an answer from Swiss ID Support that they change again:

    Seit dem letzten Update haben wir ein anderes appdome als Root-SDK verwendet und sind dabei, es durch ein anderes zu ersetzen, das andere Identifikationsprinzipien hat.

    Wir arbeiten daran, und Sie werden benachrichtigt, sobald das Problem behoben ist.

    Als alternative Verifizierungsmethode können Sie stattdessen eine SMS anfordern, während Sie Ihr Passwort eingeben.

    Vielen Dank im Voraus für Ihre Antwort und Ihr Verständnis.

    Mit freundlichen Grüssen

      claib Could someone please translate the text? I think I understand what it's saying but my German is quite rusty.

        fid02 From DeepL Translate:

        Since the last update we have been using a different appdome as root SDK
        and are in the process of replacing it with another one that has different
        identification principles.

        We are working on this and you will be notified as soon as the issue is resolved.

        As an alternative verification method, you can request an SMS while entering your password instead.

        Thank you in advance for your response and understanding.

        Yours sincerely

        12 days later

        claib I think they answered you nicely because you asked in Germany. For me, as in the past, they were quite rude and unhelpful, even though I tried to give as much information as possible to help the devs. They should really train their first level support better...

        I have the same problem. The support confirms running a custom ROM breaks compatibility. Their advice is to factory reset the phone or use another phone.

        The severity of the bug has increased because the SwissID is now mandatory for many governmental services such as the Electronic Patient File.

        They are so incompetent because as a fallback you have to use SMS OTP which is not phishing resistant. You cannot switch off SMS OTP.

        Is there any collaboration between Graphene and the developers of those root-detecting SDKs? To me it looks like this is a malfunction of an SDK since the phone is not rooted.

        8 days later

        Just came here to say that I have the same problem on a Pixel 6a with GrapheneOS BUT also on a Motorola which has stock Android, is not rooted or has any other modification. It's a completely new phone. So their root detection is clearly broken.